picoCTF - Cookies

Description

Who doesn't love cookies? Try to figure out the best one. http://mercury.picoctf.net:27177/

Hints - none

Step -1: After opening the site, I input snickerdoodle into the search textbox which led me to a display page saying I love snickerdoodles!

Step-2: I inspected the page and found that the cookie value is set to 0 So, I intercepted with burpsuite and changed the cookie values randomly which resulted in different outputs.

Step-3: Then, I sent the request to intruder and brute forced the page with 1-20 cookie values

Step-4: Finally, for cookie value 18 we get our flag in the response token.